1. Home
  2. Categories
  3. Support
  4. Otter - IIS Ensures

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

Otter - IIS Ensures

  • F

    Hi,

    Please could you take a look at the IIS Ensure's specifically around creating a site?

    I believe there is a bug:

    1. When entering a CertificateName (not hash) the GUI incorrectly spells the code as Certifcate when it converts it to Otterscript, meaning that when you try to run the code you receive an error message saying the key can't be found -it's looking for CertificateName. You can correct this manually in the text view of the editor to the CertificateName. However this took me a few hours to find!
    2. There is an edge case where using the Ensure Site exists in the following instance - you define a HTTPS binding outside Otter, on the same port as an existing HTTPS 443 binding with a valid cert. However, before the next configuration run starts, the certificate that is used for the existing HTTPS binding is deleted. In the GUI this would show as a HTTPS binding with "No Certificate Selected". At the next run, when the Ensure tries to correct the errors, it sees there is an existing HTTPS binding but you cannot configure the binding set in the Ensure Site configuration. Instead you receive an error saying that an existing Logon session existed. I think this is a refracted error and the actual fault is that you are trying to Ensure a HTTPS binding when one exists (although this cannot be used because the certificate has now been deleted). I think the fix for this would be to clear existing bindings before adding new ones.
    3. There is a bug in the Ensure Site whereby it incorrectly searches the wrong CertificateStore. In my case, the certificate was set to "LocalMachine" and indeed the certificate was stored in there. However every time I got configuration drift telling me it was actually in "CurrentUser". I think it is ignoring this setting or not searching correctly?

    Because of all the above I had to write my own code to do the HTTPS bindings as it was just too sketchy. This is a shame as I'm using your wonderful Ensure Application and Ensure AppPool without fault! I think it might just need a few tweaks?

    0 atripp 1 Reply
  • atripp
    inedo-engineer

    Hi @ForgotMyUsername ,

    Unfortunately this is not going to be possible to debug with the information you've provided.

    Except for the misspelling of Certficiate (which would have no bearing on executing the script), a cursory glance of the code shows that everything is otherwise wired up as expected:

    So, I'm hoping you help troubleshoot/debug some more, to show us where the issue is.

    IIS settings are ultimately stored in the applicationHost.config stored under %windir%\System32\inetsrv\config\. We do not directly work this file (as you can see from the code), but it's the easiest way to review the settings in IIS that Otter makes.

    To help us reproduce these issues, can you send:
    (1) Relevant appPool and site elements from the config file
    (2) OtterScript code that should work with those entries
    (3) Actual vs expected results in the config file

    And one note on the bindings... unfortunately this is a difficult problem in general to solve because IIS Sites have multiple bindings, but users often don't want to clear bindings. We used to have a Bindings property (it's still htere) that lets you specify a map, but it was too difficult/confusing to use.

    Cheers,
    Alana

    0
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation